Firewall won't stay on



#1 Antipodes


Posted 04 November 2012 - 06:51 PM

Hey guys,

A few months ago my computer started acting a little strange, which prompted me to download McAfee (don't remember what it was doing at the time). I ran a scan and it seemed fixed. Soon thereafter though, I started having blue screens, and my firewall turned off the second I turned it on. So I read through some forums here and downloaded Malwarebytes. It fixed a few things, but the problems continued. Now about 1 in 3 times my computer blue screens on boot. About another 1 in 3, Malwarebytes comes on and tells me to quarantine svchost.exe. Obviously it isn't fixing anything though, because it keeps happening. I get random things from Panda antivirus (which I also have) about various and sundry files which it says to delete. The file names change every time, and I can't remember them at the moment.

I googled svchost and found apparently it is a common target for trojans. Can you help me out?



#2 narenxp


Posted 04 November 2012 - 06:54 PM

Download TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking

Download ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 Antipodes


Posted 08 November 2012 - 08:31 PM

18:04:10.0378 5188 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
18:04:10.0898 5188 ============================================================
18:04:10.0898 5188 Current date / time: 2012/11/07 18:04:10.0898
18:04:10.0898 5188 SystemInfo:
18:04:10.0898 5188
18:04:10.0898 5188 OS Version: 6.1.7601 ServicePack: 1.0
18:04:10.0898 5188 Product type: Workstation
18:04:10.0899 5188 ComputerName: KITCHELL-COMP
18:04:10.0899 5188 UserName: Kitchell
18:04:10.0899 5188 Windows directory: C:\Windows
18:04:10.0899 5188 System windows directory: C:\Windows
18:04:10.0899 5188 Running under WOW64
18:04:10.0899 5188 Processor architecture: Intel x64
18:04:10.0899 5188 Number of processors: 4
18:04:10.0899 5188 Page size: 0x1000
18:04:10.0899 5188 Boot type: Normal boot
18:04:10.0899 5188 ============================================================
18:04:12.0381 5188 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:04:12.0410 5188 Drive \Device\Harddisk5\DR5 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
18:04:12.0413 5188 ============================================================
18:04:12.0413 5188 \Device\Harddisk0\DR0:
18:04:12.0413 5188 MBR partitions:
18:04:12.0413 5188 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
18:04:12.0413 5188 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x72536800
18:04:12.0413 5188 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x72569000, BlocksNum 0x219D000
18:04:12.0413 5188 \Device\Harddisk5\DR5:
18:04:12.0415 5188 MBR partitions:
18:04:12.0415 5188 \Device\Harddisk5\DR5\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74705982
18:04:12.0415 5188 ============================================================
18:04:12.0456 5188 C: <-> \Device\Harddisk0\DR0\Partition2
18:04:12.0637 5188 D: <-> \Device\Harddisk0\DR0\Partition3
18:04:12.0658 5188 J: <-> \Device\Harddisk5\DR5\Partition1
18:04:12.0658 5188 ============================================================
18:04:12.0658 5188 Initialize success
18:04:12.0658 5188 ============================================================
18:04:37.0876 5140 ============================================================
18:04:37.0876 5140 Scan started
18:04:37.0876 5140 Mode: Manual; TDLFS;
18:04:37.0876 5140 ============================================================
18:04:43.0024 5140 ================ Scan system memory ========================
18:04:43.0024 5140 System memory - ok
18:04:43.0024 5140 ================ Scan services =============================
18:04:58.0983 5140 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
18:04:58.0999 5140 Modem - ok
18:04:59.0061 5140 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
18:04:59.0061 5140 monitor - ok
18:04:59.0077 5140 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
18:04:59.0092 5140 mouclass - ok
18:04:59.0124 5140 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
18:04:59.0124 5140 mouhid - ok
18:04:59.0155 5140 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
18:04:59.0170 5140 mountmgr - ok
18:04:59.0186 5140 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
18:04:59.0264 5140 mpio - ok
18:04:59.0295 5140 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
18:04:59.0295 5140 mpsdrv - ok
18:04:59.0326 5140 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
18:04:59.0404 5140 MRxDAV - ok
18:04:59.0420 5140 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
18:04:59.0467 5140 mrxsmb - ok
18:04:59.0498 5140 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:04:59.0545 5140 mrxsmb10 - ok
18:04:59.0576 5140 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:04:59.0638 5140 mrxsmb20 - ok
18:04:59.0654 5140 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
18:04:59.0716 5140 msahci - ok
18:04:59.0732 5140 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
18:04:59.0810 5140 msdsm - ok
18:04:59.0857 5140 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
18:04:59.0872 5140 MSDTC - ok
18:04:59.0935 5140 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
18:04:59.0935 5140 Msfs - ok
18:04:59.0966 5140 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
18:04:59.0982 5140 mshidkmdf - ok
18:04:59.0997 5140 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
18:05:00.0013 5140 msisadrv - ok
18:05:00.0060 5140 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
18:05:00.0075 5140 MSiSCSI - ok
18:05:00.0091 5140 msiserver - ok
18:05:00.0138 5140 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
18:05:00.0153 5140 MSKSSRV - ok
18:05:00.0216 5140 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
18:05:00.0231 5140 MSPCLOCK - ok
18:05:00.0262 5140 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
18:05:00.0278 5140 MSPQM - ok
18:05:00.0309 5140 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
18:05:00.0372 5140 MsRPC - ok
18:05:00.0403 5140 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
18:05:00.0403 5140 mssmbios - ok
18:05:00.0450 5140 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
18:05:00.0465 5140 MSTEE - ok
18:05:00.0496 5140 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
18:05:00.0512 5140 MTConfig - ok
18:05:00.0528 5140 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
18:05:00.0543 5140 Mup - ok
18:05:00.0621 5140 [ 07B2740CF3294B98380B9E1BF8AB05B8 ] NanoServiceMain C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe
18:05:00.0699 5140 NanoServiceMain - ok
18:05:00.0746 5140 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
18:05:00.0762 5140 napagent - ok
18:05:00.0824 5140 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
18:05:00.0840 5140 NativeWifiP - ok
18:05:00.0902 5140 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
18:05:00.0918 5140 NDIS - ok
18:05:00.0949 5140 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
18:05:00.0980 5140 NdisCap - ok
18:05:01.0011 5140 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
18:05:01.0027 5140 NdisTapi - ok
18:05:01.0058 5140 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
18:05:01.0136 5140 Ndisuio - ok
18:05:01.0152 5140 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
18:05:01.0198 5140 NdisWan - ok
18:05:01.0214 5140 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
18:05:01.0276 5140 NDProxy - ok
18:05:01.0292 5140 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
18:05:01.0308 5140 NetBIOS - ok
18:05:01.0339 5140 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
18:05:01.0339 5140 NetBT - ok
18:05:01.0370 5140 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
18:05:01.0370 5140 Netlogon - ok
18:05:01.0417 5140 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
18:05:01.0417 5140 Netman - ok
18:05:01.0479 5140 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:05:01.0588 5140 NetMsmqActivator - ok
18:05:01.0604 5140 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:05:01.0604 5140 NetPipeActivator - ok
18:05:01.0620 5140 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
18:05:01.0635 5140 netprofm - ok
18:05:01.0635 5140 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:05:01.0635 5140 NetTcpActivator - ok
18:05:01.0651 5140 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:05:01.0651 5140 NetTcpPortSharing - ok
18:05:01.0698 5140 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
18:05:01.0698 5140 nfrd960 - ok
18:05:01.0760 5140 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
18:05:01.0776 5140 NlaSvc - ok
18:05:01.0822 5140 [ A82F339386766C585C3CF0C10AA9A002 ] NNSALPC C:\Windows\system32\DRIVERS\NNSAlpc.sys
18:05:01.0900 5140 NNSALPC - ok
18:05:01.0978 5140 [ 2A0C5D3890FC56254CBFA8D2A2DFA62C ] NNSHTTP C:\Windows\system32\DRIVERS\NNSHttp.sys
18:05:02.0056 5140 NNSHTTP - ok
18:05:02.0072 5140 [ 27F12CE54A0319527E599ACD193B86F5 ] NNSIDS C:\Windows\system32\DRIVERS\NNSIds.sys
18:05:02.0134 5140 NNSIDS - ok
18:05:02.0181 5140 [ 02D6C70D0CA4040C81698A2014019E0A ] NNSNAHSL C:\Windows\system32\DRIVERS\NNSNAHSL.sys
18:05:02.0244 5140 NNSNAHSL - ok
18:05:02.0259 5140 [ 488A615DDA26640FBEAC945678208E23 ] NNSPICC C:\Windows\system32\DRIVERS\NNSPicc.sys
18:05:02.0322 5140 NNSPICC - ok
18:05:02.0384 5140 [ 7A07299FB6BCE5F563B852FE930B5311 ] NNSPIHSW C:\Windows\system32\DRIVERS\NNSPihsw.sys
18:05:02.0400 5140 NNSPIHSW - ok
18:05:02.0431 5140 [ 643FE52EA4C41E806B6906CF0C786D24 ] NNSPOP3 C:\Windows\system32\DRIVERS\NNSPop3.sys
18:05:02.0431 5140 NNSPOP3 - ok
18:05:02.0446 5140 [ A5DFD37B6E05E976DD70DF5D202C9BCA ] NNSPROT C:\Windows\system32\DRIVERS\NNSProt.sys
18:05:02.0446 5140 NNSPROT - ok
18:05:02.0462 5140 [ A0C7A228D06B1E9FC5AB4AC7B50FE612 ] NNSPRV C:\Windows\system32\DRIVERS\NNSPrv.sys
18:05:02.0462 5140 NNSPRV - ok
18:05:02.0493 5140 [ F41B212F242B02AE54317E073CC9D02E ] NNSSMTP C:\Windows\system32\DRIVERS\NNSSmtp.sys
18:05:02.0509 5140 NNSSMTP - ok
18:05:02.0524 5140 [ B6D8243E45687B3791CBDABBE2697699 ] NNSSTRM C:\Windows\system32\DRIVERS\NNSStrm.sys
18:05:02.0524 5140 NNSSTRM - ok
18:05:02.0540 5140 [ 1257C0FB4765B6D33F9EAEA326995ABA ] NNSTLSC C:\Windows\system32\DRIVERS\NNSTlsc.sys
18:05:02.0540 5140 NNSTLSC - ok
18:05:02.0571 5140 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
18:05:02.0571 5140 Npfs - ok
18:05:02.0602 5140 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
18:05:02.0618 5140 nsi - ok
18:05:02.0634 5140 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
18:05:02.0634 5140 nsiproxy - ok
18:05:02.0727 5140 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
18:05:02.0774 5140 Ntfs - ok
18:05:02.0805 5140 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
18:05:02.0805 5140 Null - ok
18:05:02.0836 5140 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
18:05:02.0836 5140 nvraid - ok
18:05:02.0852 5140 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
18:05:02.0868 5140 nvstor - ok
18:05:02.0914 5140 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
18:05:02.0930 5140 nv_agp - ok
18:05:02.0961 5140 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
18:05:02.0977 5140 ohci1394 - ok
18:05:03.0008 5140 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
18:05:03.0024 5140 p2pimsvc - ok
18:05:03.0039 5140 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
18:05:03.0055 5140 p2psvc - ok
18:05:03.0117 5140 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
18:05:03.0117 5140 Parport - ok
18:05:03.0226 5140 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
18:05:03.0242 5140 partmgr - ok
18:05:03.0273 5140 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
18:05:03.0289 5140 PcaSvc - ok
18:05:03.0304 5140 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
18:05:03.0320 5140 pci - ok
18:05:03.0367 5140 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
18:05:03.0382 5140 pciide - ok
18:05:03.0398 5140 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
18:05:03.0414 5140 pcmcia - ok
18:05:03.0429 5140 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
18:05:03.0429 5140 pcw - ok
18:05:03.0460 5140 pdfcDispatcher - ok
18:05:03.0476 5140 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
18:05:03.0476 5140 PEAUTH - ok
18:05:03.0601 5140 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
18:05:03.0601 5140 PerfHost - ok
18:05:03.0694 5140 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
18:05:03.0819 5140 pla - ok
18:05:03.0866 5140 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
18:05:03.0882 5140 PlugPlay - ok
18:05:03.0913 5140 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
18:05:03.0928 5140 PNRPAutoReg - ok
18:05:03.0960 5140 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
18:05:03.0975 5140 PNRPsvc - ok
18:05:04.0053 5140 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
18:05:04.0069 5140 PolicyAgent - ok
18:05:04.0131 5140 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
18:05:04.0131 5140 Power - ok
18:05:04.0240 5140 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
18:05:04.0240 5140 PptpMiniport - ok
18:05:04.0303 5140 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
18:05:04.0303 5140 Processor - ok
18:05:04.0396 5140 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
18:05:04.0396 5140 ProfSvc - ok
18:05:04.0428 5140 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:05:04.0428 5140 ProtectedStorage - ok
18:05:04.0506 5140 [ 93FCC67F07A27B8571001260FD40C440 ] PsBoot C:\Windows\system32\Drivers\PsBoot.sys
18:05:04.0521 5140 PsBoot - ok
18:05:04.0584 5140 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
18:05:04.0584 5140 Psched - ok
18:05:04.0646 5140 [ 943ECA8A96D9F36EB3AF1F012216ADEB ] PSINAflt C:\Windows\system32\DRIVERS\PSINAflt.sys
18:05:04.0646 5140 PSINAflt - ok
18:05:04.0677 5140 [ CD5869D68E270C128AE6D871FE2DE761 ] PSINFile C:\Windows\system32\DRIVERS\PSINFile.sys
18:05:04.0677 5140 PSINFile - ok
18:05:04.0724 5140 [ 455A23DEDCCE1D381887603B6F27F322 ] PSINKNC C:\Windows\system32\DRIVERS\psinknc.sys
18:05:04.0740 5140 PSINKNC - ok
18:05:04.0740 5140 [ 3BAA93657716BA8FC253BEBD683A328C ] PSINProc C:\Windows\system32\DRIVERS\PSINProc.sys
18:05:04.0755 5140 PSINProc - ok
18:05:04.0771 5140 [ 5F1894391EF5AE210FBCCA90ABC66437 ] PSINProt C:\Windows\system32\DRIVERS\PSINProt.sys
18:05:04.0771 5140 PSINProt - ok
18:05:04.0818 5140 [ E437C22DD66BA8F763F01D02C9713F8D ] PSKMAD C:\Windows\system32\DRIVERS\PSKMAD.sys
18:05:04.0880 5140 PSKMAD - ok
18:05:04.0911 5140 [ 98A9D3236C6301503571DE79B86E8538 ] PSUAService C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAService.exe
18:05:05.0005 5140 PSUAService - ok
18:05:05.0098 5140 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
18:05:05.0130 5140 ql2300 - ok
18:05:05.0161 5140 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
18:05:05.0161 5140 ql40xx - ok
18:05:05.0208 5140 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
18:05:05.0223 5140 QWAVE - ok
18:05:05.0223 5140 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
18:05:05.0239 5140 QWAVEdrv - ok
18:05:05.0254 5140 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
18:05:05.0254 5140 RasAcd - ok
18:05:05.0286 5140 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
18:05:05.0286 5140 RasAgileVpn - ok
18:05:05.0364 5140 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
18:05:05.0379 5140 RasAuto - ok
18:05:05.0410 5140 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
18:05:05.0410 5140 Rasl2tp - ok
18:05:05.0442 5140 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
18:05:05.0457 5140 RasMan - ok
18:05:05.0473 5140 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
18:05:05.0473 5140 RasPppoe - ok
18:05:05.0504 5140 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
18:05:05.0504 5140 RasSstp - ok
18:05:05.0520 5140 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
18:05:05.0520 5140 rdbss - ok
18:05:05.0535 5140 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
18:05:05.0535 5140 rdpbus - ok
18:05:05.0566 5140 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
18:05:05.0566 5140 RDPCDD - ok
18:05:05.0582 5140 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
18:05:05.0582 5140 RDPENCDD - ok
18:05:05.0613 5140 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
18:05:05.0613 5140 RDPREFMP - ok
18:05:05.0644 5140 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
18:05:05.0660 5140 RDPWD - ok
18:05:05.0738 5140 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
18:05:05.0754 5140 rdyboost - ok
18:05:05.0863 5140 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
18:05:05.0894 5140 RemoteAccess - ok
18:05:05.0925 5140 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
18:05:05.0941 5140 RemoteRegistry - ok
18:05:06.0003 5140 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
18:05:06.0003 5140 RFCOMM - ok
18:05:06.0034 5140 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
18:05:06.0034 5140 RpcEptMapper - ok
18:05:06.0066 5140 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
18:05:06.0081 5140 RpcLocator - ok
18:05:06.0112 5140 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
18:05:06.0128 5140 RpcSs - ok
18:05:06.0159 5140 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
18:05:06.0159 5140 rspndr - ok
18:05:06.0222 5140 [ E50CFB92986DCAB49DE93788FD695813 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
18:05:06.0222 5140 RTL8167 - ok
18:05:06.0237 5140 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
18:05:06.0253 5140 SamSs - ok
18:05:06.0253 5140 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
18:05:06.0253 5140 sbp2port - ok
18:05:06.0300 5140 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
18:05:06.0331 5140 SCardSvr - ok
18:05:06.0346 5140 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
18:05:06.0346 5140 scfilter - ok
18:05:06.0378 5140 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
18:05:06.0409 5140 Schedule - ok
18:05:06.0440 5140 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
18:05:06.0440 5140 SCPolicySvc - ok
18:05:06.0502 5140 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
18:05:06.0502 5140 sdbus - ok
18:05:06.0518 5140 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
18:05:06.0596 5140 SDRSVC - ok
18:05:06.0627 5140 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
18:05:06.0627 5140 secdrv - ok
18:05:06.0627 5140 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
18:05:06.0690 5140 seclogon - ok
18:05:06.0721 5140 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
18:05:06.0736 5140 SENS - ok
18:05:06.0752 5140 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
18:05:06.0768 5140 SensrSvc - ok
18:05:06.0783 5140 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
18:05:06.0783 5140 Serenum - ok
18:05:06.0814 5140 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
18:05:06.0830 5140 Serial - ok
18:05:06.0846 5140 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
18:05:06.0861 5140 sermouse - ok
18:05:06.0877 5140 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
18:05:06.0892 5140 SessionEnv - ok
18:05:06.0908 5140 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
18:05:06.0924 5140 sffdisk - ok
18:05:06.0939 5140 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
18:05:06.0955 5140 sffp_mmc - ok
18:05:06.0986 5140 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
18:05:07.0002 5140 sffp_sd - ok
18:05:07.0033 5140 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
18:05:07.0048 5140 sfloppy - ok
18:05:07.0095 5140 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:05:07.0095 5140 ShellHWDetection - ok
18:05:07.0126 5140 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
18:05:07.0142 5140 SiSRaid2 - ok
18:05:07.0158 5140 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
18:05:07.0173 5140 SiSRaid4 - ok
18:05:07.0251 5140 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
18:05:17.0703 5140 SkypeUpdate - ok
18:05:17.0781 5140 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
18:05:17.0797 5140 Smb - ok
18:05:17.0875 5140 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
18:05:17.0906 5140 SNMPTRAP - ok
18:05:17.0953 5140 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
18:05:17.0953 5140 spldr - ok
18:05:18.0000 5140 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
18:05:18.0015 5140 Spooler - ok
18:05:18.0109 5140 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
18:05:18.0140 5140 sppsvc - ok
18:05:18.0171 5140 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
18:05:18.0187 5140 sppuinotify - ok
18:05:18.0249 5140 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
18:05:18.0265 5140 srv - ok
18:05:18.0312 5140 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
18:05:18.0312 5140 srv2 - ok
18:05:18.0358 5140 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
18:05:18.0358 5140 srvnet - ok
18:05:18.0421 5140 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
18:05:18.0421 5140 SSDPSRV - ok
18:05:18.0436 5140 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
18:05:18.0436 5140 SstpSvc - ok
18:05:18.0468 5140 Steam Client Service - ok
18:05:18.0468 5140 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
18:05:18.0483 5140 stexstor - ok
18:05:18.0499 5140 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
18:05:18.0561 5140 stisvc - ok
18:05:18.0608 5140 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
18:05:18.0608 5140 swenum - ok
18:05:18.0639 5140 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
18:05:18.0655 5140 swprv - ok
18:05:18.0686 5140 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
18:05:18.0717 5140 SysMain - ok
18:05:18.0733 5140 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:05:18.0780 5140 TabletInputService - ok
18:05:18.0811 5140 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
18:05:18.0811 5140 TapiSrv - ok
18:05:18.0826 5140 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
18:05:18.0842 5140 TBS - ok
18:05:18.0920 5140 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
18:05:18.0967 5140 Tcpip - ok
18:05:18.0998 5140 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
18:05:19.0014 5140 TCPIP6 - ok
18:05:19.0045 5140 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
18:05:19.0045 5140 tcpipreg - ok
18:05:19.0060 5140 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
18:05:19.0060 5140 TDPIPE - ok
18:05:19.0076 5140 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
18:05:19.0076 5140 TDTCP - ok
18:05:19.0092 5140 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
18:05:19.0092 5140 tdx - ok
18:05:19.0107 5140 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
18:05:19.0107 5140 TermDD - ok
18:05:19.0123 5140 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
18:05:19.0138 5140 TermService - ok
18:05:19.0154 5140 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
18:05:19.0154 5140 Themes - ok
18:05:19.0170 5140 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
18:05:19.0170 5140 THREADORDER - ok
18:05:19.0185 5140 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
18:05:19.0201 5140 TrkWks - ok
18:05:19.0232 5140 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:05:19.0232 5140 TrustedInstaller - ok
18:05:19.0263 5140 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
18:05:19.0263 5140 tssecsrv - ok
18:05:19.0279 5140 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
18:05:19.0279 5140 TsUsbFlt - ok
18:05:19.0310 5140 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
18:05:19.0310 5140 TsUsbGD - ok
18:05:19.0341 5140 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
18:05:19.0341 5140 tunnel - ok
18:05:19.0357 5140 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
18:05:19.0357 5140 uagp35 - ok
18:05:19.0372 5140 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
18:05:19.0372 5140 udfs - ok
18:05:19.0404 5140 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
18:05:19.0404 5140 UI0Detect - ok
18:05:19.0435 5140 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
18:05:19.0435 5140 uliagpkx - ok
18:05:19.0466 5140 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
18:05:19.0466 5140 umbus - ok
18:05:19.0466 5140 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
18:05:19.0482 5140 UmPass - ok
18:05:19.0497 5140 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
18:05:19.0497 5140 upnphost - ok
18:05:19.0528 5140 [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
18:05:19.0544 5140 USBAAPL64 - ok
18:05:19.0560 5140 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
18:05:19.0560 5140 usbccgp - ok
18:05:19.0575 5140 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
18:05:19.0575 5140 usbcir - ok
18:05:19.0575 5140 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
18:05:19.0591 5140 usbehci - ok
18:05:19.0591 5140 [ 573D192E268F0C5B486B7E96F661E538 ] usbfilter C:\Windows\system32\drivers\usbfilter.sys
18:05:19.0591 5140 usbfilter - ok
18:05:19.0622 5140 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
18:05:19.0622 5140 usbhub - ok
18:05:19.0638 5140 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
18:05:19.0638 5140 usbohci - ok
18:05:19.0653 5140 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
18:05:19.0653 5140 usbprint - ok
18:05:19.0716 5140 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:05:19.0716 5140 USBSTOR - ok
18:05:19.0778 5140 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
18:05:19.0794 5140 usbuhci - ok
18:05:19.0840 5140 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
18:05:19.0856 5140 UxSms - ok
18:05:19.0856 5140 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
18:05:19.0872 5140 VaultSvc - ok
18:05:19.0918 5140 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
18:05:19.0918 5140 vdrvroot - ok
18:05:19.0950 5140 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
18:05:20.0043 5140 vds - ok
18:05:20.0059 5140 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
18:05:20.0059 5140 vga - ok
18:05:20.0074 5140 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
18:05:20.0074 5140 VgaSave - ok
18:05:20.0090 5140 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
18:05:20.0090 5140 vhdmp - ok
18:05:20.0121 5140 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
18:05:20.0121 5140 viaide - ok
18:05:20.0137 5140 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
18:05:20.0137 5140 volmgr - ok
18:05:22.0368 5140 ================ Scan global ===============================
18:05:22.0368 5140 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
18:05:22.0414 5140 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
18:05:22.0430 5140 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
18:05:22.0461 5140 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
18:05:22.0461 5140 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
18:05:22.0477 5140 [Global] - ok
18:05:22.0477 5140 ================ Scan MBR ==================================
18:05:22.0477 5140 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:05:22.0477 5140 Suspicious mbr (Forged): \Device\Harddisk0\DR0
18:05:22.0539 5140 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
18:05:22.0539 5140 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
18:05:22.0602 5140 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
18:05:22.0602 5140 \Device\Harddisk0\DR0 - detected TDSS File System (1)
18:05:22.0617 5140 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk5\DR5
18:05:22.0726 5140 \Device\Harddisk5\DR5 - ok
18:05:22.0726 5140 ================ Scan VBR ==================================
18:05:22.0726 5140 [ 8D7A666A1FEDF9237E131EE091D45872 ] \Device\Harddisk0\DR0\Partition1
18:05:22.0726 5140 \Device\Harddisk0\DR0\Partition1 - ok
18:05:22.0773 5140 [ A8EFAC69DEA8C1C7DF0A8F5C56F792FE ] \Device\Harddisk0\DR0\Partition2
18:05:22.0773 5140 \Device\Harddisk0\DR0\Partition2 - ok
18:05:22.0804 5140 [ 2F32B2E62E4A1EA08A2F6C6CC34634A5 ] \Device\Harddisk0\DR0\Partition3
18:05:22.0820 5140 \Device\Harddisk0\DR0\Partition3 - ok
18:05:22.0820 5140 [ 1A6B164BF728D16A1E378D5B81620282 ] \Device\Harddisk5\DR5\Partition1
18:05:22.0820 5140 \Device\Harddisk5\DR5\Partition1 - ok
18:05:22.0820 5140 ============================================================
18:05:22.0820 5140 Scan finished
18:05:22.0820 5140 ============================================================
18:05:22.0851 5180 Detected object count: 2
18:05:22.0851 5180 Actual detected object count: 2
18:06:52.0445 5180 \Device\Harddisk0\DR0\# - copied to quarantine
18:06:52.0508 5180 \Device\Harddisk0\DR0 - copied to quarantine
18:06:52.0632 5180 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
18:06:52.0648 5180 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
18:06:52.0757 5180 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
18:06:52.0788 5180 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
18:06:52.0804 5180 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
18:06:52.0804 5180 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
18:06:52.0820 5180 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
18:06:52.0820 5180 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
18:06:52.0835 5180 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
18:06:52.0866 5180 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
18:06:52.0866 5180 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
18:06:52.0866 5180 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
18:06:52.0882 5180 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
18:06:53.0054 5180 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
18:06:53.0100 5180 \Device\Harddisk0\DR0 - ok
18:06:53.0631 5180 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
18:06:53.0631 5180 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
18:06:53.0631 5180 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip



aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-11-07 18:11:00
-----------------------------
18:11:00.618 OS Version: Windows x64 6.1.7601 Service Pack 1
18:11:00.618 Number of processors: 4 586 0x100
18:11:00.618 ComputerName: KITCHELL-COMP UserName: Kitchell
18:11:04.549 Initialize success
18:16:49.834 AVAST engine defs: 12110701
18:19:02.664 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000078
18:19:02.664 Disk 0 Vendor: Hitachi_ JP4O Size: 953869MB BusType: 11
18:19:02.664 Device \Driver\amd_sata -> MajorFunction fffffa80082035e8
18:19:02.664 Disk 0 MBR read successfully
18:19:02.664 Disk 0 MBR scan
18:19:02.680 Disk 0 Windows 7 default MBR code
18:19:02.711 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
18:19:02.742 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 936557 MB offset 206848
18:19:02.789 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 17210 MB offset 1918275584
18:19:03.039 Disk 0 scanning C:\Windows\system32\drivers
18:19:39.371 Service scanning
18:20:10.790 Modules scanning
18:20:10.790 Disk 0 trace - called modules:
18:20:10.790 ntoskrnl.exe CLASSPNP.SYS disk.sys amd_xata.sys >>UNKNOWN [0xfffffa80082035e8]<<
18:20:10.805 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80077e9060]
18:20:10.805 3 CLASSPNP.SYS[fffff8800186c43f] -> nt!IofCallDriver -> [0xfffffa80074f8040]
18:20:10.805 5 amd_xata.sys[fffff88000e728f7] -> nt!IofCallDriver -> \Device\00000078[0xfffffa80074f46f0]
18:20:10.805 \Driver\amd_sata[0xfffffa80081573c0] -> IRP_MJ_CREATE -> 0xfffffa80082035e8
18:20:13.566 AVAST engine scan C:\Windows
18:20:20.228 AVAST engine scan C:\Windows\system32
18:26:15.503 AVAST engine scan C:\Windows\system32\drivers
18:26:38.793 AVAST engine scan C:\Users\Kitchell
18:56:33.459 Disk 0 MBR has been saved successfully to "C:\Users\Kitchell\Desktop\MBR.dat"
18:56:33.474 The log file has been saved successfully to "C:\Users\Kitchell\Desktop\aswMBR.txt"


The last one didn't find any threats (admittedly, my computer shut down after the first scan overnight so I had to scan it again.)

Hope this helps.

#4 narenxp

Posted 08 November 2012 - 09:09 PM

Download

Malwarebytes

Install, update and run a full scan.

Click on Show results. Right-click on the list, select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it, then click on Delete.

A log should be generated after the scan; post it here.

Download

Junkware removal tool

For Vista and Windows 7, right-click on the tool and select Run as administrator.

After the scan completes, post the generated log here.

#5 Antipodes

Posted 12 November 2012 - 08:13 PM

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.11.08.11

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Kitchell :: KITCHELL-COMP [administrator]

11/10/2012 10:15:29 AM
mbam-log-2012-11-10 (10-15-29).txt

Scan type: Full scan (C:\|D:\|J:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 888707
Time elapsed: 4 hour(s), 8 minute(s), 21 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
----------------------------------------------------------------------------
MiniToolBox by Farbar Version: 10-11-2012 02
Ran by Kitchell (administrator) on 12-11-2012 at 18:22:32
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================



========================= IP Configuration: ================================

Broadcom WLAN Adapter = Wireless Network Connection (Connected)
Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set subinterface interface=?C) subinterface=ethernet_9 mtu=1477


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Kitchell-Comp
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Juniper Network Connect Virtual Adapter
Physical Address. . . . . . . . . : 00-FF-10-40-FE-08
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 9C-B7-0D-3C-28-E1
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Bluetooth Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : 74-DE-2B-79-17-51
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom WLAN Adapter
Physical Address. . . . . . . . . : 9C-B7-0D-3C-28-E1
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::1051:6a2b:fa8f:1046%13(Preferred)
IPv4 Address. . . . . . . . . . . : 10.0.0.6(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Monday, November 12, 2012 6:18:44 PM
Lease Expires . . . . . . . . . . : Tuesday, November 13, 2012 6:18:48 PM
Default Gateway . . . . . . . . . : 10.0.0.1
DHCP Server . . . . . . . . . . . : 10.0.0.1
DHCPv6 IAID . . . . . . . . . . . : 259317291
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-8C-52-D1-38-60-77-B9-8C-07
DNS Servers . . . . . . . . . . . : 10.0.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 38-60-77-B9-8C-07
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{CE6E06A3-A567-443B-8CDC-72D84E5DD65E}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{7DA9B0F0-AC67-4D36-9420-924C807A56D1}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{0FDA7121-08D2-4FC3-A071-E6D54380A168}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{EE7BFEC3-6B69-4858-8E1F-7CD90386D956}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{44340FCC-2DE4-4728-976C-A836F232878F}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #6
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 10.0.0.1

Name: google.com
Addresses: 2607:f8b0:4000:800::100e
74.125.227.100
74.125.227.101
74.125.227.102
74.125.227.103
74.125.227.104
74.125.227.105
74.125.227.110
74.125.227.96
74.125.227.97
74.125.227.98
74.125.227.99


Pinging google.com [74.125.227.101] with 32 bytes of data:
Reply from 74.125.227.101: bytes=32 time=24ms TTL=50
Reply from 74.125.227.101: bytes=32 time=39ms TTL=50

Ping statistics for 74.125.227.101:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 24ms, Maximum = 39ms, Average = 31ms
Server: UnKnown
Address: 10.0.0.1

Name: yahoo.com
Addresses: 98.138.253.109
98.139.183.24
72.30.38.140


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=184ms TTL=44
Reply from 98.139.183.24: bytes=32 time=189ms TTL=44

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 184ms, Maximum = 189ms, Average = 186ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
19...00 ff 10 40 fe 08 ......Juniper Network Connect Virtual Adapter
16...9c b7 0d 3c 28 e1 ......Microsoft Virtual WiFi Miniport Adapter
14...74 de 2b 79 17 51 ......Bluetooth Device (Personal Area Network)
13...9c b7 0d 3c 28 e1 ......Broadcom WLAN Adapter
12...38 60 77 b9 8c 07 ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
11...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
22...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
18...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
23...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
24...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
21...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #6
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.0.0.1 10.0.0.6 25
10.0.0.0 255.255.255.0 On-link 10.0.0.6 281
10.0.0.6 255.255.255.255 On-link 10.0.0.6 281
10.0.0.255 255.255.255.255 On-link 10.0.0.6 281
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 10.0.0.6 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 10.0.0.6 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
13 281 fe80::/64 On-link
13 281 fe80::1051:6a2b:fa8f:1046/128
On-link
1 306 ff00::/8 On-link
13 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/10/2012 02:57:50 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/09/2012 06:37:45 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/09/2012 05:50:19 PM) (Source: McLogEvent) (User: NT AUTHORITY)
Description: A thread in process C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe took longer than 90000 ms to complete a request.

The process will be terminated.
Thread id : 4072 (0xfe8)

Thread address : 0x0000000076E7135A

Thread message :

Build VSCORE.15.1.0.461 / 5500.1093
Object being scanned = \Device\HarddiskVolume2\Windows\SysWOW64\wship6.dll
by C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
4(0)(0)
4(0)(0)
7200(0)(0)
7595(0)(0)
7005(0)(0)
7004(0)(0)
5006(0)(0)
5004(0)(0)

Error: (11/08/2012 05:52:57 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/08/2012 05:52:53 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/08/2012 04:17:28 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/07/2012 07:13:45 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/07/2012 07:13:42 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/07/2012 07:05:59 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (11/07/2012 06:57:20 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (11/12/2012 06:21:21 PM) (Source: Service Control Manager) (User: )
Description: The McAfee Personal Firewall Service service depends the following service: MpsSvc. This service might not be installed.

Error: (11/12/2012 06:21:21 PM) (Source: Service Control Manager) (User: )
Description: The McAfee Personal Firewall Service service depends the following service: MpsSvc. This service might not be installed.

Error: (11/12/2012 06:20:53 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (11/12/2012 06:19:58 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891

Error: (11/12/2012 06:19:58 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (11/12/2012 06:18:44 PM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

Error: (11/12/2012 06:18:43 PM) (Source: Service Control Manager) (User: )
Description: The McAfee Personal Firewall Service service depends the following service: MpsSvc. This service might not be installed.

Error: (11/12/2012 06:18:43 PM) (Source: Service Control Manager) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891

Error: (11/12/2012 06:18:43 PM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

Error: (11/12/2012 06:18:42 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060


Microsoft Office Sessions:
=========================
Error: (11/10/2012 02:57:50 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (11/09/2012 06:37:45 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (11/09/2012 05:50:19 PM) (Source: McLogEvent)(User: NT AUTHORITY)
Description: C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe900004072 (0xfe8)0x0000000076E7135A
Build VSCORE.15.1.0.461 / 5500.1093
Object being scanned = \Device\HarddiskVolume2\Windows\SysWOW64\wship6.dll
by C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
4(0)(0)
4(0)(0)
7200(0)(0)
7595(0)(0)
7005(0)(0)
7004(0)(0)
5006(0)(0)
5004(0)(0)

Error: (11/08/2012 05:52:57 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Kitchell\Downloads\esetsmartinstaller_enu.exe

Error: (11/08/2012 05:52:53 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Kitchell\Downloads\esetsmartinstaller_enu.exe

Error: (11/08/2012 04:17:28 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (11/07/2012 07:13:45 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Kitchell\Downloads\esetsmartinstaller_enu.exe

Error: (11/07/2012 07:13:42 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Kitchell\Downloads\esetsmartinstaller_enu.exe

Error: (11/07/2012 07:05:59 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Kitchell\Downloads\esetsmartinstaller_enu.exe

Error: (11/07/2012 06:57:20 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Kitchell\Downloads\esetsmartinstaller_enu.exe


CodeIntegrity Errors:
===================================
Date: 2012-11-10 13:01:58.553
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume8\Old comp\Windows\System32\bcrypt.dll because the set of per-page image hashes could not be found on the system.

Date: 2012-11-10 13:01:58.463
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume8\Old comp\Windows\System32\bcrypt.dll because the set of per-page image hashes could not be found on the system.

Date: 2012-11-10 13:01:58.385
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume8\Old comp\Windows\System32\bcrypt.dll because the set of per-page image hashes could not be found on the system.

Date: 2012-11-10 10:16:51.225
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-11-10 10:16:51.218
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

Date: 2012-11-10 10:16:51.212
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

Adobe AIR (Version: 2.6.0.19120)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.287)
Adobe Flash Player 11 Plugin (Version: 11.4.402.287)
Altitude
AMD APP SDK Runtime (Version: 2.5.732.1)
AMD Catalyst Install Manager (Version: 3.0.842.0)
AMD Media Foundation Decoders (Version: 1.0.60914.1136)
AMD Steady Video Plug-In (Version: 1.00.0000)
AMD VISION Engine Control Center (Version: 2011.0908.1355.23115)
Apple Application Support (Version: 2.2.2)
Apple Mobile Device Support (Version: 6.0.0.59)
Apple Software Update (Version: 2.1.3.127)
Beat Hazard
Bejeweled 3 (Version: 2.2.0.97)
Bing Bar (Version: 7.0.826.0)
Black Prophecy
Blackhawk Striker 2 (Version: 2.2.0.95)
Blio (Version: 2.2.8188)
Bluetooth by hp (Version: 6.3.0.8200)
Bonjour (Version: 3.0.0.10)
Bubble Wrap (Version: 1.0.0.0)
Call of Duty 4: Modern Warfare
Carbonite (Version: 5.4.0 build 2526 (Oct-21-2012))
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2011.0908.1355.23115)
Catalyst Control Center InstallProxy (Version: 2011.0908.1355.23115)
Catalyst Control Center Localization All (Version: 2011.0908.1355.23115)
ccc-utility64 (Version: 2011.0908.1355.23115)
CCC Help Chinese Standard (Version: 2011.0908.1354.23115)
CCC Help Chinese Traditional (Version: 2011.0908.1354.23115)
CCC Help Czech (Version: 2011.0908.1354.23115)
CCC Help Danish (Version: 2011.0908.1354.23115)
CCC Help Dutch (Version: 2011.0908.1354.23115)
CCC Help English (Version: 2011.0908.1354.23115)
CCC Help Finnish (Version: 2011.0908.1354.23115)
CCC Help French (Version: 2011.0908.1354.23115)
CCC Help German (Version: 2011.0908.1354.23115)
CCC Help Greek (Version: 2011.0908.1354.23115)
CCC Help Hungarian (Version: 2011.0908.1354.23115)
CCC Help Italian (Version: 2011.0908.1354.23115)
CCC Help Japanese (Version: 2011.0908.1354.23115)
CCC Help Korean (Version: 2011.0908.1354.23115)
CCC Help Norwegian (Version: 2011.0908.1354.23115)
CCC Help Polish (Version: 2011.0908.1354.23115)
CCC Help Portuguese (Version: 2011.0908.1354.23115)
CCC Help Russian (Version: 2011.0908.1354.23115)
CCC Help Spanish (Version: 2011.0908.1354.23115)
CCC Help Swedish (Version: 2011.0908.1354.23115)
CCC Help Thai (Version: 2011.0908.1354.23115)
CCC Help Turkish (Version: 2011.0908.1354.23115)
Chuzzle Deluxe (Version: 2.2.0.95)
Cities XL - Limited Edition
Citrix Authentication Manager (Version: 2.0.0.41479)
Citrix Receiver (HDX Flash Redirection) (Version: 13.1.201.3)
Citrix Receiver (Version: 13.1.201.3)
Citrix Receiver Inside (Version: 3.2.0.5844)
Citrix Receiver(Aero) (Version: 13.1.201.3)
Citrix Receiver(DV) (Version: 13.1.201.3)
Citrix Receiver(USB) (Version: 13.1.201.3)
Coupon Printer for Windows (Version: 5.0.0.1)
Cradle of Rome 2 (Version: 2.2.0.98)
D3DX10 (Version: 15.4.2368.0902)
DirectX for Managed Code Update (Summer 2004) (Version: 9.02.2904)
Dora's World Adventure (Version: 2.2.0.95)
ESET Online Scanner v3
Facebook (Version: 1.1.0004)
Farm Frenzy (Version: 2.2.0.98)
Farmscapes (Version: 2.2.0.98)
FATE (Version: 2.2.0.97)
Final Drive Fury (Version: 2.2.0.95)
Google Chrome (Version: 23.0.1271.64)
Gotham City Impostors: Free To Play
H&R Block Deluxe + Efile + State 2011 (Version: 11.05.6901)
H&R Block Louisiana 2011 (Version: 1.11.2901)
Hewlett-Packard ACLM.NET v1.1.2.0 (Version: 1.00.0000)
Hoyle Card Games (Version: 2.2.0.95)
HP Application Assistant (Version: 1.0.393.3870)
HP Auto (Version: 1.0.12935.3667)
HP Calendar (Version: 5.1.4245.23508)
HP Client Services (Version: 1.1.12938.3539)
HP Clock (Version: 5.1.4244.16367)
HP Customer Experience Enhancements (Version: 6.0.1.8)
HP Games (Version: 1.0.2.5)
HP LinkUp (Version: 2.01.029)
HP Magic Canvas (Version: 5.1.15.0)
HP Magic Canvas Tutorials (Version: 5.0.0.3)
HP MovieStore (Version: 2.1.091)
HP MovieStore (Version: 2.1.21091.0)
HP Notes (Version: 5.1.4274.30382)
HP Odometer (Version: 2.10.0000)
HP RSS (Version: 5.1.4301.21494)
HP Setup (Version: 9.0.15130.3904)
HP Setup Manager (Version: 1.2.15145.3905)
HP Support Assistant (Version: 6.1.12.1)
HP Support Information (Version: 11.00.0001)
HP TouchSmart RecipeBox (Version: 3.0.3830.27730)
HP Update (Version: 5.003.001.001)
HP Vision Hardware Diagnostics (Version: 2.12.1.0)
HP Weather (Version: 5.1.4295.16450)
iTunes (Version: 10.7.0.21)
Java Auto Updater (Version: 2.1.6.0)
Java™ 6 Update 22 (Version: 6.0.220)
Java™ 7 Update 5 (Version: 7.0.50)
JavaFX 2.1.1 (Version: 2.1.1)
Jewel Match 3 (Version: 2.2.0.98)
Jewel Quest Mysteries: The Seventh Gate Collector's Edition (Version: 2.2.0.98)
John Deere Drive Green (Version: 2.2.0.95)
Juniper Networks Network Connect 6.5.0 (Version: 6.5.0.15255)
Juniper Networks Setup Client (Version: 2.1.2.5973)
Juniper Networks Setup Client Activex Control (Version: 2.1.1.1)
Junk Mail filter update (Version: 15.4.3502.0922)
Kobo (Version: 2.0.3)
LabelPrint (Version: 2.5.4507)
Letters from Nowhere 2 (Version: 2.2.0.97)
Luxor HD (Version: 2.2.0.98)
Mah Jong Medley (Version: 2.2.0.95)
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
MapleStory
McAfee AntiVirus Plus (Version: 11.6.435)
McAfee Virtual Technician (Version: 6.5.0.2101)
Mesh Runtime (Version: 15.4.5722.2)
Metric Converter (Version: 1.0.0.0)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft Mathematics (Version: 4.0)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Nexon Game Manager
NVIDIA PhysX (Version: 9.09.0203)
Online Plug-in (Version: 13.1.201.3)
OpenOffice.org 3.3 (Version: 3.3.9567)
opensource (Version: 1.0.14960.3876)
Panda Cloud Antivirus (Version: 2.0.0)
Panda Cloud Antivirus (Version: 4.02.00.0000)
Panda Security Toolbar (Version: 3.0.0.9b)
Panda Security URL Filtering (Version: 2.0.0.13)
Pando Media Booster (Version: 2.6.0.8)
PDF Complete Special Edition (Version: 4.0.65)
Penguins! (Version: 2.2.0.98)
Plants vs. Zombies - Game of the Year (Version: 2.2.0.98)
Plants vs. Zombies: Game of the Year
PlayReady PC Runtime amd64 (Version: 1.3.0)
PlayReady PC Runtime x86 (Version: 1.3.0)
Poker Superstars III (Version: 2.2.0.95)
Polar Bowler (Version: 2.2.0.97)
Polar Golfer (Version: 2.2.0.98)
Portal
Portal 2
Power2Go (Version: 6.1.5706)
PressReader (Version: 5.11.0721.0)
Puzzle Dimension
Realtek High Definition Audio Driver (Version: 6.0.1.6387)
Recovery Manager (Version: 5.5.0.4424)
Remote Graphics Receiver (Version: 5.4.5)
RollerCoaster Tycoon 3: Platinum (Version: 2.2.0.98)
Self-service Plug-in (Version: 3.2.0.24226)
Shared C Run-time for x64 (Version: 10.0.0)
Sid Meier's Civilization V
Skype™ 5.10 (Version: 5.10.116)
Sleeping Dogs™
SONIC THE HEDGEHOG 4 Episode I
Spot (Version: 1.0.0.0)
Spotify (Version: 0.8.5.1333.g822e0de8)
Star Wars - Jedi Knight: Mysteries of the Sith
Star Wars Jedi Knight: Dark Forces II
StarCraft II (Version: 1.4.3.21029)
Steam (Version: 1.0.0.0)
Super Monday Night Combat
Tap Tap Bear (Version: 1.0.0.0)
Team Fortress 2
The Elder Scrolls III: Morrowind
The Elder Scrolls IV: Oblivion
The Silver Lining (Version: 4.0.0)
The Treasures of Mystery Island: The Ghost Ship (Version: 2.2.0.98)
Toolbar Cleaner 1.0
Torchlight (Version: 2.2.0.98)
Trine
Trine 2
Trojan SVCHOSTRemoval Tool (Version: 1.0)
TSHostedAppLauncher (Version: 5.1.15.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update Installer for WildTangent Games App
Virtual Villagers 4 - The Tree of Life (Version: 2.2.0.98)
WildTangent Games App (HP Games) (Version: 4.0.5.32)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3538.0513)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Zinio Reader 4 (Version: 4.2.4164)
Zuma's Revenge (Version: 2.2.0.98)

========================= Memory info: ===================================

Percentage of memory in use: 26%
Total physical RAM: 7666.85 MB
Available physical RAM: 5607.59 MB
Total Pagefile: 15331.89 MB
Available Pagefile: 12968.59 MB
Total Virtual: 4095.88 MB
Available Virtual: 3962.82 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:914.61 GB) (Free:721.42 GB) NTFS
2 Drive d: (HP_RECOVERY) (Fixed) (Total:16.81 GB) (Free:2.1 GB) NTFS
3 Drive e: (DESPICABLE_ME) (CDROM) (Total:7.77 GB) (Free:0 GB) UDF
8 Drive j: (FreeAgent Drive) (Fixed) (Total:931.51 GB) (Free:645.82 GB) NTFS

========================= Users: ========================================

User accounts for \\KITCHELL-COMP

Administrator Becca Guest
Kitchell

========================= Restore Points ==================================

05-11-2012 04:12:17 Windows Update
05-11-2012 18:47:13 Windows Update
06-11-2012 04:02:28 Windows Update
06-11-2012 12:14:58 Windows Update
06-11-2012 21:44:09 Windows Update
08-11-2012 09:00:13 Windows Update

**** End of log ****
------------------------------------------------------------------------------------
Farbar Service Scanner Version: 09-11-2012
Ran by Kitchell (administrator) on 12-11-2012 at 18:24:41
Running from "C:\Users\Kitchell\Downloads"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.
Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to retrieve ServiceDll of SharedAccess. The value does not exist.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****
------------------------------------------------------------------
# AdwCleaner v2.007 - Logfile created 11/12/2012 at 18:26:26
# Updated 06/11/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Kitchell - KITCHELL-COMP
# Boot Mode : Normal
# Running from : C:\Users\Kitchell\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****

Key Deleted : HKCU\Software\Headlight
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Google Chrome v23.0.1271.64

File : C:\Users\Kitchell\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

File : C:\Users\Becca\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [1271 octets] - [12/11/2012 18:26:26]

########## EOF - C:\AdwCleaner[S1].txt - [1331 octets] ##########
---------------------------------------------------------------------
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 3.0.5 (11.12.2012)
OS: Windows 7 Home Premium x64
Ran by Kitchell on Mon 11/12/2012 at 18:34:05.76
Blog: http://thisisudax.blogspot.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Kitchell\appdata\locallow\playready"
Successfully deleted: [Folder] "C:\Program Files (x86)\coupons"
Successfully deleted: [Folder] "C:\Program Files (x86)\playready"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 11/12/2012 at 18:39:53.29
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

#6 narenxp

Posted 12 November 2012 - 08:47 PM

Run TDSSkiller again and post the clean log

Run the services repair tool

http://kb.eset.com/library/ESET/KB%20Team%20Only/Malware/ServicesRepair.exe

Run Farbar service scanner again and post the new log


Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to finish

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Paste the contents of the text here

#7 Antipodes

Posted 12 November 2012 - 09:22 PM

19:57:39.0076 7376 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
19:57:39.0708 7376 ============================================================
19:57:39.0709 7376 Current date / time: 2012/11/12 19:57:39.0708
19:57:39.0709 7376 SystemInfo:
19:57:39.0709 7376
19:57:39.0709 7376 OS Version: 6.1.7601 ServicePack: 1.0
19:57:39.0709 7376 Product type: Workstation
19:57:39.0709 7376 ComputerName: KITCHELL-COMP
19:57:39.0709 7376 UserName: Kitchell
19:57:39.0709 7376 Windows directory: C:\Windows
19:57:39.0709 7376 System windows directory: C:\Windows
19:57:39.0709 7376 Running under WOW64
19:57:39.0709 7376 Processor architecture: Intel x64
19:57:39.0709 7376 Number of processors: 4
19:57:39.0709 7376 Page size: 0x1000
19:57:39.0709 7376 Boot type: Normal boot
19:57:39.0709 7376 ============================================================
19:57:39.0969 7376 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:57:40.0057 7376 Drive \Device\Harddisk5\DR5 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
19:57:40.0060 7376 ============================================================
19:57:40.0060 7376 \Device\Harddisk0\DR0:
19:57:40.0077 7376 MBR partitions:
19:57:40.0077 7376 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
19:57:40.0077 7376 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x72536800
19:57:40.0077 7376 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x72569000, BlocksNum 0x219D000
19:57:40.0077 7376 \Device\Harddisk5\DR5:
19:57:40.0079 7376 MBR partitions:
19:57:40.0079 7376 \Device\Harddisk5\DR5\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74705982
19:57:40.0079 7376 ============================================================
19:57:40.0160 7376 C: <-> \Device\Harddisk0\DR0\Partition2
19:57:40.0266 7376 D: <-> \Device\Harddisk0\DR0\Partition3
19:57:40.0285 7376 J: <-> \Device\Harddisk5\DR5\Partition1
19:57:40.0286 7376 ============================================================
19:57:40.0286 7376 Initialize success
19:57:40.0286 7376 ============================================================
19:57:45.0509 5032 ============================================================
19:57:45.0509 5032 Scan started
19:57:45.0509 5032 Mode: Manual; TDLFS;
19:57:45.0509 5032 ============================================================
19:57:48.0222 5032 ================ Scan system memory ========================
19:57:48.0222 5032 System memory - ok
19:57:48.0224 5032 ================ Scan services =============================
19:57:48.0710 5032 10729518 - ok
19:57:48.0793 5032 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
19:57:48.0798 5032 1394ohci - ok
19:57:48.0868 5032 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
19:57:48.0872 5032 ACPI - ok
19:57:48.0941 5032 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
19:57:48.0943 5032 AcpiPmi - ok
19:57:49.0130 5032 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:57:49.0133 5032 AdobeFlashPlayerUpdateSvc - ok
19:57:49.0194 5032 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
19:57:49.0198 5032 adp94xx - ok
19:57:49.0265 5032 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
19:57:49.0269 5032 adpahci - ok
19:57:49.0326 5032 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
19:57:49.0328 5032 adpu320 - ok
19:57:49.0391 5032 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
19:57:49.0393 5032 AeLookupSvc - ok
19:57:49.0559 5032 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
19:57:49.0563 5032 AFD - ok
19:57:49.0600 5032 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
19:57:49.0602 5032 agp440 - ok
19:57:49.0827 5032 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
19:57:49.0831 5032 ALG - ok
19:57:49.0947 5032 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
19:57:49.0948 5032 aliide - ok
19:57:50.0009 5032 [ 87E226C0E11182943D28E8BEC61618CD ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
19:57:50.0011 5032 AMD External Events Utility - ok
19:57:50.0037 5032 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
19:57:50.0038 5032 amdide - ok
19:57:50.0083 5032 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
19:57:50.0085 5032 AmdK8 - ok
19:57:50.0366 5032 [ 446A1AAD34191665A8DF6092BD8EB5A8 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
19:57:50.0426 5032 amdkmdag - ok
19:57:50.0460 5032 [ F8F8A908FDB005A65DDF7238C814EEA5 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
19:57:50.0464 5032 amdkmdap - ok
19:57:50.0531 5032 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
19:57:50.0536 5032 AmdPPM - ok
19:57:50.0598 5032 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
19:57:50.0697 5032 amdsata - ok
19:57:50.0746 5032 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
19:57:50.0754 5032 amdsbs - ok
19:57:50.0784 5032 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
19:57:50.0851 5032 amdxata - ok
19:57:50.0918 5032 [ 2FBB00A7616106B95104574C6CD640C2 ] amd_sata C:\Windows\system32\drivers\amd_sata.sys
19:57:50.0986 5032 amd_sata - ok
19:57:51.0043 5032 [ 87D0D7645CB0D53220649BD5FE15D93E ] amd_xata C:\Windows\system32\drivers\amd_xata.sys
19:57:51.0109 5032 amd_xata - ok
19:57:51.0252 5032 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
19:57:51.0321 5032 AppID - ok
19:57:51.0341 5032 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
19:57:51.0347 5032 AppIDSvc - ok
19:57:51.0400 5032 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
19:57:51.0477 5032 Appinfo - ok
19:57:51.0624 5032 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:57:51.0723 5032 Apple Mobile Device - ok
19:57:51.0800 5032 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
19:57:51.0804 5032 arc - ok
19:57:51.0846 5032 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
19:57:51.0861 5032 arcsas - ok
19:57:52.0030 5032 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
19:57:52.0124 5032 aspnet_state - ok
19:57:52.0183 5032 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
19:57:52.0190 5032 AsyncMac - ok
19:57:52.0246 5032 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
19:57:52.0253 5032 atapi - ok
19:57:52.0375 5032 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:57:52.0476 5032 AudioEndpointBuilder - ok
19:57:52.0486 5032 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
19:57:52.0491 5032 AudioSrv - ok
19:57:52.0608 5032 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
19:57:52.0689 5032 AxInstSV - ok
19:57:52.0739 5032 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
19:57:52.0749 5032 b06bdrv - ok
19:57:52.0815 5032 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
19:57:52.0824 5032 b57nd60a - ok
19:57:52.0898 5032 [ 28A4012E68BC9597BCB9B26B51AAC4B6 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
19:57:53.0009 5032 BBSvc - ok
19:57:53.0030 5032 [ 785DE7ABDA13309D6065305542829E76 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
19:57:53.0107 5032 BBUpdate - ok
19:57:53.0304 5032 [ FDE8C8DC07E75347E4C6B455A0964217 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
19:57:53.0405 5032 BCM43XX - ok
19:57:53.0486 5032 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
19:57:53.0491 5032 BDESVC - ok
19:57:53.0589 5032 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
19:57:53.0603 5032 Beep - ok
19:57:53.0670 5032 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
19:57:53.0780 5032 BITS - ok
19:57:53.0845 5032 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
19:57:53.0852 5032 blbdrive - ok
19:57:53.0998 5032 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
19:57:54.0076 5032 Bonjour Service - ok
19:57:54.0139 5032 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
19:57:54.0213 5032 bowser - ok
19:57:54.0297 5032 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
19:57:54.0306 5032 BrFiltLo - ok
19:57:54.0352 5032 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
19:57:54.0360 5032 BrFiltUp - ok
19:57:54.0388 5032 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
19:57:54.0439 5032 Browser - ok
19:57:54.0458 5032 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
19:57:54.0468 5032 Brserid - ok
19:57:54.0498 5032 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
19:57:54.0505 5032 BrSerWdm - ok
19:57:54.0528 5032 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
19:57:54.0533 5032 BrUsbMdm - ok
19:57:54.0561 5032 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
19:57:54.0564 5032 BrUsbSer - ok
19:57:54.0667 5032 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
19:57:54.0671 5032 BthEnum - ok
19:57:54.0774 5032 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
19:57:54.0781 5032 BTHMODEM - ok
19:57:54.0816 5032 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
19:57:54.0823 5032 BthPan - ok
19:57:54.0879 5032 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
19:57:54.0952 5032 BTHPORT - ok
19:57:55.0048 5032 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
19:57:55.0056 5032 bthserv - ok
19:57:55.0148 5032 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
19:57:55.0238 5032 BTHUSB - ok
19:57:55.0365 5032 [ A0DFB69ADE3444C78B17636FCF28E898 ] BTWAMPFL C:\Windows\system32\DRIVERS\btwampfl.sys
19:57:55.0438 5032 BTWAMPFL - ok
19:57:55.0462 5032 [ 7CF028CE78696882B327FF13D2DFA534 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
19:57:55.0526 5032 btwaudio - ok
19:57:55.0549 5032 [ 3DEF2370E414B4E299673558BA171A51 ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
19:57:55.0623 5032 btwavdt - ok
19:57:55.0735 5032 [ 1AD3A2BAF31C4327DCBB2B0ECA4A23BB ] btwdins c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
19:57:55.0824 5032 btwdins - ok
19:57:55.0871 5032 [ 346B4051B3D7FF70E8F027869B8ECA6E ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
19:57:55.0955 5032 btwl2cap - ok
19:57:55.0974 5032 [ 9937E0E4DFC0030560A6DFE9D3A94B39 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
19:57:56.0036 5032 btwrchid - ok
19:57:56.0097 5032 [ A3AD13CA2747953DDD4C9AE4FB925BEC ] CalendarSynchService C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe
19:58:01.0902 5032 CalendarSynchService - ok
19:58:02.0187 5032 [ 0AA88D2B4A6A23BC4AFB6488AA2CFACC ] CarboniteService C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe
19:58:02.0284 5032 CarboniteService - ok
19:58:02.0311 5032 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
19:58:02.0316 5032 cdfs - ok
19:58:02.0386 5032 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
19:58:02.0450 5032 cdrom - ok
19:58:02.0520 5032 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
19:58:02.0584 5032 CertPropSvc - ok
19:58:02.0677 5032 [ 45B5A89DC41577282E5BF41B1165EA71 ] cfwids C:\Windows\system32\drivers\cfwids.sys
19:58:02.0761 5032 cfwids - ok
19:58:02.0795 5032 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
19:58:02.0799 5032 circlass - ok
19:58:02.0818 5032 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
19:58:02.0829 5032 CLFS - ok
19:58:02.0934 5032 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:58:02.0945 5032 clr_optimization_v2.0.50727_32 - ok
19:58:02.0993 5032 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:58:03.0007 5032 clr_optimization_v2.0.50727_64 - ok
19:58:03.0117 5032 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:58:03.0227 5032 clr_optimization_v4.0.30319_32 - ok
19:58:03.0279 5032 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:58:03.0364 5032 clr_optimization_v4.0.30319_64 - ok
19:58:03.0454 5032 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
19:58:03.0467 5032 CmBatt - ok
19:58:03.0529 5032 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
19:58:03.0540 5032 cmdide - ok
19:58:03.0589 5032 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
19:58:03.0660 5032 CNG - ok
19:58:03.0725 5032 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
19:58:03.0740 5032 Compbatt - ok
19:58:03.0806 5032 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
19:58:03.0889 5032 CompositeBus - ok
19:58:03.0907 5032 COMSysApp - ok
19:58:03.0948 5032 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
19:58:03.0952 5032 crcdisk - ok
19:58:04.0006 5032 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
19:58:04.0084 5032 CryptSvc - ok
19:58:04.0172 5032 [ F02D7FD231AF76C69A8F09C619DEE384 ] ctxusbm C:\Windows\system32\DRIVERS\ctxusbm.sys
19:58:04.0260 5032 ctxusbm - ok
19:58:04.0368 5032 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
19:58:04.0448 5032 DcomLaunch - ok
19:58:04.0473 5032 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
19:58:04.0482 5032 defragsvc - ok
19:58:04.0554 5032 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
19:58:04.0617 5032 DfsC - ok
19:58:04.0726 5032 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
19:58:04.0797 5032 Dhcp - ok
19:58:04.0817 5032 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
19:58:04.0821 5032 discache - ok
19:58:04.0887 5032 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
19:58:04.0894 5032 Disk - ok
19:58:04.0975 5032 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
19:58:05.0065 5032 Dnscache - ok
19:58:05.0089 5032 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
19:58:05.0140 5032 dot3svc - ok
19:58:05.0182 5032 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
19:58:05.0272 5032 DPS - ok
19:58:05.0366 5032 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
19:58:05.0382 5032 drmkaud - ok
19:58:05.0451 5032 [ 3EEF0B3489EDBF725564E17C77CABAFD ] dsNcAdpt C:\Windows\system32\DRIVERS\dsNcAdpt.sys
19:58:05.0524 5032 dsNcAdpt - ok
19:58:05.0650 5032 [ B9750C064B43C7A3BBC8A74F1127AA4E ] dsNcService C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe
19:58:05.0802 5032 dsNcService - ok
19:58:05.0834 5032 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
19:58:05.0910 5032 DXGKrnl - ok
19:58:06.0004 5032 EagleX64 - ok
19:58:06.0036 5032 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
19:58:06.0048 5032 EapHost - ok
19:58:06.0160 5032 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
19:58:06.0221 5032 ebdrv - ok
19:58:06.0248 5032 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
19:58:06.0314 5032 EFS - ok
19:58:06.0385 5032 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
19:58:06.0475 5032 ehRecvr - ok
19:58:06.0510 5032 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
19:58:06.0515 5032 ehSched - ok
19:58:06.0587 5032 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
19:58:06.0608 5032 elxstor - ok
19:58:06.0640 5032 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
19:58:06.0648 5032 ErrDev - ok
19:58:06.0740 5032 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
19:58:06.0758 5032 EventSystem - ok
19:58:06.0804 5032 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
19:58:06.0815 5032 exfat - ok
19:58:06.0857 5032 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
19:58:06.0867 5032 fastfat - ok
19:58:06.0923 5032 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
19:58:07.0005 5032 Fax - ok
19:58:07.0048 5032 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
19:58:07.0059 5032 fdc - ok
19:58:07.0125 5032 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
19:58:07.0132 5032 fdPHost - ok
19:58:07.0169 5032 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
19:58:07.0178 5032 FDResPub - ok
19:58:07.0204 5032 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
19:58:07.0211 5032 FileInfo - ok
19:58:07.0261 5032 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
19:58:07.0265 5032 Filetrace - ok
19:58:07.0353 5032 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
19:58:07.0363 5032 flpydisk - ok
19:58:07.0428 5032 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
19:58:07.0492 5032 FltMgr - ok
19:58:07.0575 5032 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
19:58:07.0641 5032 FontCache - ok
19:58:07.0736 5032 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:58:07.0828 5032 FontCache3.0.0.0 - ok
19:58:07.0856 5032 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
19:58:07.0862 5032 FsDepends - ok
19:58:07.0892 5032 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
19:58:07.0959 5032 Fs_Rec - ok
19:58:08.0017 5032 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
19:58:08.0109 5032 fvevol - ok
19:58:08.0162 5032 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
19:58:08.0179 5032 gagp30kx - ok
19:58:08.0289 5032 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
19:58:08.0393 5032 GamesAppService - ok
19:58:08.0496 5032 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:58:08.0580 5032 GEARAspiWDM - ok
19:58:08.0626 5032 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
19:58:08.0681 5032 gpsvc - ok
19:58:08.0812 5032 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
19:58:08.0821 5032 hcw85cir - ok
19:58:08.0912 5032 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:58:08.0981 5032 HdAudAddService - ok
19:58:09.0017 5032 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
19:58:09.0076 5032 HDAudBus - ok
19:58:09.0101 5032 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
19:58:09.0105 5032 HidBatt - ok
19:58:09.0126 5032 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
19:58:09.0131 5032 HidBth - ok
19:58:09.0146 5032 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
19:58:09.0151 5032 HidIr - ok
19:58:09.0174 5032 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
19:58:09.0182 5032 hidserv - ok
19:58:09.0250 5032 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
19:58:09.0335 5032 HidUsb - ok
19:58:09.0441 5032 [ A894FB2CAE6A29F5D9C8EDA47B074623 ] HipShieldK C:\Windows\system32\drivers\HipShieldK.sys
19:58:09.0507 5032 HipShieldK - ok
19:58:09.0540 5032 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
19:58:09.0589 5032 hkmsvc - ok
19:58:09.0606 5032 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:58:09.0656 5032 HomeGroupListener - ok
19:58:09.0686 5032 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:58:09.0737 5032 HomeGroupProvider - ok
19:58:09.0852 5032 [ 13BB1114451C63BFB41BA7DAA4D70A29 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
19:58:09.0934 5032 HP Support Assistant Service - ok
19:58:10.0067 5032 [ 6A181452D4E240B8ECC7614B9A19BDE9 ] HPClientSvc C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
19:58:10.0161 5032 HPClientSvc - ok
19:58:10.0214 5032 [ BCC4A8B2E2E902F52E7F2E7D8E125765 ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
19:58:10.0329 5032 HPDrvMntSvc.exe - ok
19:58:10.0358 5032 [ EC9739A46F1F83C6E52A7A4697F44A65 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
19:58:10.0476 5032 hpqwmiex - ok
19:58:10.0568 5032 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
19:58:10.0656 5032 HpSAMD - ok
19:58:10.0718 5032 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
19:58:10.0797 5032 HTTP - ok
19:58:10.0822 5032 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
19:58:10.0872 5032 hwpolicy - ok
19:58:10.0952 5032 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
19:58:10.0971 5032 i8042prt - ok
19:58:11.0022 5032 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
19:58:11.0111 5032 iaStorV - ok
19:58:11.0181 5032 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:58:11.0285 5032 idsvc - ok
19:58:11.0501 5032 [ A87261EF1546325B559374F5689CF5BC ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
19:58:11.0574 5032 igfx - ok
19:58:11.0649 5032 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
19:58:11.0665 5032 iirsp - ok
19:58:11.0778 5032 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
19:58:11.0869 5032 IKEEXT - ok
19:58:11.0931 5032 [ 392D5C87F282E8E36DF5154418A7BB20 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
19:58:12.0014 5032 IntcAzAudAddService - ok
19:58:12.0059 5032 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
19:58:12.0062 5032 intelide - ok
19:58:12.0130 5032 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\drivers\intelppm.sys
19:58:12.0137 5032 intelppm - ok
19:58:12.0191 5032 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
19:58:12.0208 5032 IPBusEnum - ok
19:58:12.0229 5032 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:58:12.0317 5032 IpFilterDriver - ok
19:58:12.0332 5032 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
19:58:12.0399 5032 IPMIDRV - ok
19:58:12.0457 5032 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
19:58:12.0465 5032 IPNAT - ok
19:58:12.0575 5032 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
19:58:12.0657 5032 iPod Service - ok
19:58:12.0727 5032 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
19:58:12.0737 5032 IRENUM - ok
19:58:12.0768 5032 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
19:58:12.0775 5032 isapnp - ok
19:58:12.0804 5032 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
19:58:12.0883 5032 iScsiPrt - ok
19:58:12.0932 5032 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
19:58:12.0938 5032 kbdclass - ok
19:58:13.0017 5032 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
19:58:13.0093 5032 kbdhid - ok
19:58:13.0106 5032 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
19:58:13.0108 5032 KeyIso - ok
19:58:13.0146 5032 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
19:58:13.0196 5032 KSecDD - ok
19:58:13.0214 5032 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
19:58:13.0281 5032 KSecPkg - ok
19:58:13.0363 5032 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
19:58:13.0374 5032 ksthunk - ok
19:58:13.0429 5032 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
19:58:13.0445 5032 KtmRm - ok
19:58:13.0505 5032 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
19:58:13.0564 5032 LanmanServer - ok
19:58:13.0652 5032 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:58:13.0714 5032 LanmanWorkstation - ok
19:58:13.0752 5032 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
19:58:13.0758 5032 lltdio - ok
19:58:13.0769 5032 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
19:58:13.0776 5032 lltdsvc - ok
19:58:13.0789 5032 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
19:58:13.0796 5032 lmhosts - ok
19:58:13.0821 5032 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
19:58:13.0827 5032 LSI_FC - ok
19:58:13.0841 5032 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
19:58:13.0846 5032 LSI_SAS - ok
19:58:13.0867 5032 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
19:58:13.0871 5032 LSI_SAS2 - ok
19:58:13.0889 5032 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
19:58:13.0895 5032 LSI_SCSI - ok
19:58:13.0917 5032 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
19:58:13.0921 5032 luafv - ok
19:58:14.0029 5032 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McAfee SiteAdvisor Service C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
19:58:14.0099 5032 McAfee SiteAdvisor Service - ok
19:58:14.0109 5032 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McMPFSvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
19:58:14.0111 5032 McMPFSvc - ok
19:58:14.0146 5032 [ F928E5E72BBA15DD0CE9A26E0413D236 ] mcmscsvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
19:58:14.0149 5032 mcmscsvc - ok
19:58:14.0154 5032 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McNaiAnn C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
19:58:14.0156 5032 McNaiAnn - ok
19:58:14.0251 5032 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McNASvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
19:58:14.0255 5032 McNASvc - ok
19:58:14.0385 5032 [ BE7C8C3F8FE52D8F7826E14CF11DE949 ] McODS C:\Program Files\McAfee\VirusScan\mcods.exe
19:58:14.0490 5032 McODS - ok
19:58:14.0537 5032 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McProxy C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
19:58:14.0540 5032 McProxy - ok
19:58:14.0590 5032 [ 4DEC9B5BEDAA97B1FF6A3923E1C4F58A ] McShield C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
19:58:14.0660 5032 McShield - ok
19:58:14.0698 5032 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
19:58:14.0774 5032 Mcx2Svc - ok
19:58:14.0806 5032 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
19:58:14.0813 5032 megasas - ok
19:58:14.0844 5032 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
19:58:14.0863 5032 MegaSR - ok
19:58:14.0983 5032 [ B574522827D94126C03975FD53F0B26B ] mfeapfk C:\Windows\system32\drivers\mfeapfk.sys
19:58:15.0074 5032 mfeapfk - ok
19:58:15.0216 5032 [ B393753ECE9A9E2307CB1984ACF3DA9D ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys
19:58:15.0307 5032 mfeavfk - ok
19:58:15.0366 5032 mfeavfk01 - ok
19:58:15.0414 5032 [ 97C398750C8E80A48EB63999546F796E ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
19:58:15.0494 5032 mfefire - ok
19:58:15.0554 5032 [ C52A1ABF03DD219375EA0F6A8BE941C3 ] mfefirek C:\Windows\system32\drivers\mfefirek.sys
19:58:15.0641 5032 mfefirek - ok
19:58:15.0804 5032 [ 7092A6C6158FC4F5AA39EBEB9D5AF03D ] mfehidk C:\Windows\system32\drivers\mfehidk.sys
19:58:15.0899 5032 mfehidk - ok
19:58:15.0997 5032 [ D2A941C82A0A9227CD6F47AD40A40F69 ] mferkdet C:\Windows\system32\drivers\mferkdet.sys
19:58:16.0083 5032 mferkdet - ok
19:58:16.0183 5032 [ 04D48692EFF181DA46DD8EA8BE9FFB2B ] mfevtp C:\Windows\system32\mfevtps.exe
19:58:16.0271 5032 mfevtp - ok
19:58:16.0337 5032 [ 1631E2DA6C4B47D97ECA94842836592E ] mfewfpk C:\Windows\system32\drivers\mfewfpk.sys
19:58:16.0422 5032 mfewfpk - ok
19:58:16.0457 5032 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
19:58:16.0462 5032 MMCSS - ok
19:58:16.0496 5032 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
19:58:16.0503 5032 Modem - ok
19:58:16.0567 5032 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
19:58:16.0575 5032 monitor - ok
19:58:16.0688 5032 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
19:58:16.0703 5032 mouclass - ok
19:58:16.0763 5032 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
19:58:16.0769 5032 mouhid - ok
19:58:16.0788 5032 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
19:58:16.0861 5032 mountmgr - ok
19:58:16.0998 5032 [ 05BF204EC0E82CC4A054DB189C8A3D84 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
19:58:17.0080 5032 MpFilter - ok
19:58:17.0102 5032 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
19:58:17.0167 5032 mpio - ok
19:58:17.0202 5032 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:58:17.0210 5032 mpsdrv - ok
19:58:17.0235 5032 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:58:17.0303 5032 MRxDAV - ok
19:58:17.0334 5032 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:58:17.0398 5032 mrxsmb - ok
19:58:17.0421 5032 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:58:17.0486 5032 mrxsmb10 - ok
19:58:17.0509 5032 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:58:17.0573 5032 mrxsmb20 - ok
19:58:17.0643 5032 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
19:58:17.0722 5032 msahci - ok
19:58:17.0742 5032 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
19:58:17.0814 5032 msdsm - ok
19:58:40.0490 5032 ============================================================
19:58:40.0490 5032 Scan finished
19:58:40.0490 5032 ============================================================
19:58:40.0512 2560 Detected object count: 0
19:58:40.0512 2560 Actual detected object count: 0
-----------------------------------------------------------------------------------------
Farbar Service Scanner Version: 09-11-2012
Ran by Kitchell (administrator) on 12-11-2012 at 20:13:21
Running from "C:\Users\Kitchell\Downloads"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****
-----------------------------------------------------------------------------------

Rkill 2.4.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 11/12/2012 08:14:58 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Users\Kitchell\Downloads\FSS.exe (PID: 6760) [UP-HEUR]

1 proccess terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
* HKLM\Software\Classes\exefile\shell\runas\command\\IsolatedCommand was changed. It was reset to "%1" %*!


Performing miscellaneous checks:

* ALERT: ZEROACCESS rootkit symptoms found!

* HKEY_CLASSES_ROOT\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InprocServer32 [ZA Reg Hijack]
* C:\$Recycle.Bin\S-1-5-18\$4719e0f44b06a60b64c77c29cc9239cf\ [ZA Dir]
* C:\$Recycle.Bin\S-1-5-18\$4719e0f44b06a60b64c77c29cc9239cf\L\ [ZA Dir]
* C:\$Recycle.Bin\S-1-5-18\$4719e0f44b06a60b64c77c29cc9239cf\U\ [ZA Dir]

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 11/12/2012 08:15:21 PM
Execution time: 0 hours(s), 0 minute(s), and 22 seconds(s)
----------------------------------------------------------------------------

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "hpsysdrv" "hpsysdrv" "Hewlett-Packard" "c:\program files (x86)\hewlett-packard\hp odometer\hpsysdrv.exe"
+ "MSC" "Microsoft Security Client User Interface" "Microsoft Corporation" "c:\program files\microsoft security client\msseces.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Carbonite Backup" "Carbonite User Interface" "Carbonite, Inc." "c:\program files (x86)\carbonite\carbonite backup\carboniteui.exe"
+ "ConnectionCenter" "Citrix Connection Center" "Citrix Systems, Inc." "c:\program files (x86)\citrix\ica client\concentr.exe"
+ "HP Software Update" "hpwuSchd Application" "Hewlett-Packard" "c:\program files (x86)\hp\hp software update\hpwuschd2.exe"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files (x86)\itunes\ituneshelper.exe"
+ "mcui_exe" "McAfee Security Center" "McAfee, Inc." "c:\program files\mcafee.com\agent\mcagent.exe"
+ "Panda Security URL Filtering" "Visicom Media Anti-phishing Domain Advisor (Powered by Panda Security)" "Panda Security" "c:\programdata\panda security url filtering\panda_url_filtering.exe"
+ "PDF Complete" "Sentry for PDF" "PDF Complete Inc" "c:\program files (x86)\pdf complete\pdfsty.exe"
+ "PSUAMain" "PSUAMain" "Panda Security, S.L." "c:\program files (x86)\panda security\panda cloud antivirus\psuamain.exe"
+ "StartCCC" "Catalyst® Control Center Launcher" "Advanced Micro Devices, Inc." "c:\program files (x86)\ati technologies\ati.ace\core-static\clistart.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files (x86)\common files\java\java update\jusched.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Bluetooth.lnk" "Bluetooth Tray Application" "Broadcom Corporation." "c:\program files\widcomm\bluetooth software\bttray.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "application/x-mfe-ipt" "McAfee MSC IE plugin DLL" "McAfee, Inc." "c:\program files\mcafee\msc\mcsniepl64.dll"
+ "video/mp4" "MIME Video Detector for IE" "Advanced Micro Devices" "c:\program files\amd\steadyvideo\videomimefilter.dll"
+ "video/x-flv" "MIME Video Detector for IE" "Advanced Micro Devices" "c:\program files\amd\steadyvideo\videomimefilter.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "dssrequest" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll"
+ "sacore" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "Carbonite" "Carbonite Explorer Extensions" "Carbonite, Inc." "c:\program files\carbonite\carbonite backup\carbonitense.dll"
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
+ "McCtxMenuFrmWrk" "McAfee ContextMenu Framework" "McAfee, Inc." "c:\program files\mcafee\msc\mcctxmenufrmwrk.dll"
+ "UAContextMenu" "Shell extension " "Panda Security, S.L." "c:\program files (x86)\panda security\panda cloud antivirus\psuashell.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "Carbonite" "Carbonite Explorer Extensions" "Carbonite, Inc." "c:\program files (x86)\carbonite\carbonite backup\carbonitense.dll"
"HKLM\Software\Classes\*\ShellEx\PropertySheetHandlers" "" "" ""
+ "Carbonite" "Carbonite Explorer Extensions" "Carbonite, Inc." "c:\program files\carbonite\carbonite backup\carbonitense.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\PropertySheetHandlers" "" "" ""
+ "Carbonite" "Carbonite Explorer Extensions" "Carbonite, Inc." "c:\program files (x86)\carbonite\carbonite backup\carbonitense.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "LinkUpMenuExt" "HP LinkUp File Transfer Extension" "Hewlett-Packard" "c:\program files (x86)\hewlett-packard\hp linkup\linkupext64.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "Carbonite" "Carbonite Explorer Extensions" "Carbonite, Inc." "c:\program files\carbonite\carbonite backup\carbonitense.dll"
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "Carbonite" "Carbonite Explorer Extensions" "Carbonite, Inc." "c:\program files (x86)\carbonite\carbonite backup\carbonitense.dll"
"HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers" "" "" ""
+ "Monitor" "BTNCopy Module" "Broadcom Corporation." "c:\program files\widcomm\bluetooth software\btncopy.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "ACE" "AMD Desktop Control Panel" "Advanced Micro Devices, Inc." "c:\program files (x86)\ati technologies\ati.ace\core-static\atiacm64.dll"
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll"
+ "UAContextMenu" "Shell extension " "Panda Security, S.L." "c:\program files (x86)\panda security\panda cloud antivirus\psuashell.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" "" "OpenOffice.org" "c:\program files (x86)\openoffice.org 3\basis\program\shlxthdl\shlxthdl_x64.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" "" "OpenOffice.org" "c:\program files (x86)\openoffice.org 3\basis\program\shlxthdl\shlxthdl.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
+ "McCtxMenuFrmWrk" "McAfee ContextMenu Framework" "McAfee, Inc." "c:\program files\mcafee\msc\mcctxmenufrmwrk.dll"
+ "UAContextMenu" "Shell extension " "Panda Security, S.L." "c:\program files (x86)\panda security\panda cloud antivirus\psuashell.dll"
"HKLM\Software\Classes\Folder\ShellEx\PropertySheetHandlers" "" "" ""
+ "Carbonite" "Carbonite Explorer Extensions" "Carbonite, Inc." "c:\program files\carbonite\carbonite backup\carbonitense.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\PropertySheetHandlers" "" "" ""
+ "Carbonite" "Carbonite Explorer Extensions" "Carbonite, Inc." "c:\program files (x86)\carbonite\carbonite backup\carbonitense.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "Carbonite.Green" "Carbonite Explorer Extensions" "Carbonite, Inc." "c:\program files\carbonite\carbonite backup\carbonitense.dll"
+ "Carbonite.Partial" "Carbonite Explorer Extensions" "Carbonite, Inc." "c:\program files\carbonite\carbonite backup\carbonitense.dll"
+ "Carbonite.Yellow" "Carbonite Explorer Extensions" "Carbonite, Inc." "c:\program files\carbonite\carbonite backup\carbonitense.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "Carbonite.Green" "Carbonite Explorer Extensions" "Carbonite, Inc." "c:\program files (x86)\carbonite\carbonite backup\carbonitense.dll"
+ "Carbonite.Partial" "Carbonite Explorer Extensions" "Carbonite, Inc." "c:\program files (x86)\carbonite\carbonite backup\carbonitense.dll"
+ "Carbonite.Yellow" "Carbonite Explorer Extensions" "Carbonite, Inc." "c:\program files (x86)\carbonite\carbonite backup\carbonitense.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "McAfee SiteAdvisor BHO" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll"
+ "SteadyVideoBHO Class" "This plugin allows the user to turn AMD SteadyVideo on or off when video is detected on the web." "Advanced Micro Devices" "c:\program files\amd\steadyvideo\steadyvideo.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Bing Bar Helper" "Bing Client Extensions" "Microsoft Corporation." "c:\program files (x86)\microsoft\bingbar\bingext.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\oracle\javafx 2.1 runtime\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\oracle\javafx 2.1 runtime\bin\ssv.dll"
+ "McAfee SiteAdvisor BHO" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\mcieplg.dll"
+ "Panda Security Toolbar" "Panda Security Toolbar Link Library" "" "c:\program files (x86)\panda security\panda security toolbar\pandasecuritydx.dll"
+ "SteadyVideoBHO Class" "This plugin allows the user to turn AMD SteadyVideo on or off when video is detected on the web." "Advanced Micro Devices" "c:\program files (x86)\amd\steadyvideo\steadyvideo.dll"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKCU\Software\Microsoft\Internet Explorer\UrlSearchHooks" "" "" ""
+ "McAfee SiteAdvisor Toolbar" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "McAfee SiteAdvisor" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\x64\mcieplg.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Bing" "Bing Client Extensions" "Microsoft Corporation." "c:\program files (x86)\microsoft\bingbar\bingext.dll"
+ "McAfee SiteAdvisor" "SiteAdvisor" "McAfee, Inc." "c:\program files (x86)\mcafee\siteadvisor\mcieplg.dll"
+ "Panda Security Toolbar" "Panda Security Toolbar Link Library" "" "c:\program files (x86)\panda security\panda security toolbar\pandasecuritydx.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "Send to &Bluetooth Device..." "" "" "c:\program files\widcomm\bluetooth software\btsendto_ie.htm"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "&Blog This in Windows Live Writer" "Windows Live Writer Blog This Extension" "Microsoft Corporation" "c:\program files (x86)\windows live\writer\writerbrowserextension.dll"
+ "Send to &Bluetooth Device..." "" "" "c:\program files\widcomm\bluetooth software\btsendto_ie.htm"
"Task Scheduler" "" "" ""
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files (x86)\apple software update\softwareupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-3347566271-4172135264-1591142074-1001Core" "Google Installer" "Google Inc." "c:\users\kitchell\appdata\local\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-3347566271-4172135264-1591142074-1001UA" "Google Installer" "Google Inc." "c:\users\kitchell\appdata\local\google\update\googleupdate.exe"
+ "\HPCeeScheduleForKitchell" "HP Ceement" "Hewlett-Packard" "c:\program files (x86)\hewlett-packard\hp ceement\hpcee.exe"
+ "\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\microsoft security client\mpcmdrun.exe"
+ "\Microsoft\Microsoft Antimalware\MpIdleTask" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\microsoft security client\mpcmdrun.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files (x86)\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
+ "\{5F6010C8-60E5-41f3-BF5B-C3AF5DBE12D4}" "" "" "File not found: C:\ProgramData\Carbonite\Carbonite Backup\CarboniteUpgrade.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "AMD External Events Utility" "AMD External Events Service Module" "AMD" "c:\windows\system32\atiesrxx.exe"
+ "BBSvc" "Keeps Bing Bar up-to-date. Disabling this service might prevent updates and expose your computer to security vulnerabilities or functional flaws in Bing Bar." "Microsoft Corporation." "c:\program files (x86)\microsoft\bingbar\bbsvc.exe"
+ "BBUpdate" "Enables the detection, download and installation of up-to-date configuration files for Bing Bar. Also provides server communication for the customer experience improvement program. Stopping or disabling this service may prevent you from getting the latest updates for Bing Bar, which may expose your computer to security vulnerabilities or functional flaws in the Bing Bar." "Microsoft Corporation" "c:\program files (x86)\microsoft\bingbar\seaport.exe"
+ "btwdins" "Handles installation and removal of Bluetooth devices." "Broadcom Corporation." "c:\program files\widcomm\bluetooth software\btwdins.exe"
+ "CalendarSynchService" "HP TouchSmart Calendar Service" "Hewlett-Packard" "c:\program files (x86)\hewlett-packard\touchsmart\calendar\service\gcalservice.exe"
+ "CarboniteService" "Carbonite Backup Service" "Carbonite, Inc. (www.carbonite.com)" "c:\program files\carbonite\carbonite backup\carboniteservice.exe"
+ "dsNcService" "Manages secure network connections" "Juniper Networks" "c:\program files (x86)\juniper networks\common files\dsncservice.exe"
+ "HP Support Assistant Service" "HP Support Assistant Service" "Hewlett-Packard Company" "c:\program files (x86)\hewlett-packard\hp support framework\hpsa_service.exe"
+ "HPClientSvc" "HP Client Services" "Hewlett-Packard Company" "c:\program files\hewlett-packard\hp client services\hpclientservices.exe"
+ "HPDrvMntSvc.exe" "HP Quick Synchronization Service" "Hewlett-Packard Company" "c:\program files (x86)\hewlett-packard\shared\hpdrvmntsvc.exe"
+ "hpqwmiex" "hpqwmiex Module" "Hewlett-Packard Company" "c:\program files (x86)\hewlett-packard\shared\hpqwmiex.exe"
+ "McAfee SiteAdvisor Service" "McAfee SiteAdvisor Service" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McMPFSvc" "Helps protect your computer from intrusion and let's you manage your computer's trusted programs." "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "mcmscsvc" "McAfee Services" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McNaiAnn" "McAfee VirusScan Announcer" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McNASvc" "McAfee Network Agent" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McODS" "McAfee Scanner" "McAfee, Inc." "c:\program files\mcafee\virusscan\mcods.exe"
+ "McProxy" "McAfee Proxy Service" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McShield" "McAfee OnAccess Scanner" "McAfee, Inc." "c:\program files\common files\mcafee\systemcore\mcshield.exe"
+ "mfefire" "Provides firewall services to McAfee products" "McAfee, Inc." "c:\program files\common files\mcafee\systemcore\mfefire.exe"
+ "mfevtp" "Provides validation trust protection services" "McAfee, Inc." "c:\windows\system32\mfevtps.exe"
+ "MsMpSvc" "Helps protect users from malware and other potentially unwanted software" "Microsoft Corporation" "c:\program files\microsoft security client\msmpeng.exe"
+ "NanoServiceMain" "Panda Cloud Antivirus Service" "Panda Security, S.L." "c:\program files (x86)\panda security\panda cloud antivirus\psanhost.exe"
+ "NisSrv" "Helps guard against intrusion attempts targeting known and newly discovered vulnerabilities in network protocols" "Microsoft Corporation" "c:\program files\microsoft security client\nissrv.exe"
+ "pdfcDispatcher" "Manages the PDF document production process. A primary task is to enable the routing of documents from the print spooler to the user. If this service is stopped, PDF documents will be unavailable." "PDF Complete Inc" "c:\program files (x86)\pdf complete\pdfsvc.exe"
+ "PSUAService" "Panda Product Service" "Panda Security, S.L." "c:\program files (x86)\panda security\panda cloud antivirus\psuaservice.exe"
+ "Steam Client Service" "Steam Client Service monitors and updates Steam content" "Valve Corporation" "c:\program files (x86)\common files\steam\steamservice.exe"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "10729518" "" "" "File not found: C:\Windows\System32\Drivers\10729518.sys"
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys"
+ "amd_sata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amd_sata.sys"
+ "amd_xata" "Stor Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amd_xata.sys"
+ "amdkmdag" "ATI Radeon Kernel Mode Driver" "ATI Technologies Inc." "c:\windows\system32\drivers\atikmdag.sys"
+ "amdkmdap" "AMD multi-vendor Miniport Driver" "Advanced Micro Devices, Inc." "c:\windows\system32\drivers\atikmpag.sys"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys"
+ "BCM43XX" "Broadcom 802.11 Network Adapter wireless driver" "Broadcom Corporation" "c:\windows\system32\drivers\bcmwl664.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "BTWAMPFL" "btwampfl Bluetooth filter driver" "Broadcom Corporation." "c:\windows\system32\drivers\btwampfl.sys"
+ "btwaudio" "Bluetooth Audio Device" "Broadcom Corporation." "c:\windows\system32\drivers\btwaudio.sys"
+ "btwavdt" "Broadcom Bluetooth AVDT Service" "Broadcom Corporation." "c:\windows\system32\drivers\btwavdt.sys"
+ "btwl2cap" "Broadcom Bluetooth L2CAP Service" "Broadcom Corporation." "c:\windows\system32\drivers\btwl2cap.sys"
+ "btwrchid" "Bluetooth Remote Control HID Minidriver" "Broadcom Corporation." "c:\windows\system32\drivers\btwrchid.sys"
+ "cfwids" "McAfee Personal Firewall IDS Plugin" "McAfee, Inc." "c:\windows\system32\drivers\cfwids.sys"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys"
+ "ctxusbm" "Citrix USB Filter Driver" "Citrix Systems, Inc." "c:\windows\system32\drivers\ctxusbm.sys"
+ "dsNcAdpt" "dsNcAdapter" "Juniper Networks" "c:\windows\system32\drivers\dsncadpt.sys"
+ "EagleX64" "" "" "File not found: C:\Windows\system32\drivers\EagleX64.sys"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys"
+ "HipShieldK" "McAfee HIP IPS Driver" "McAfee, Inc." "c:\windows\system32\drivers\hipshieldk.sys"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd64.sys"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhd64.sys"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys"
+ "mfeapfk" "Access Protection Filter Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfeapfk.sys"
+ "mfeavfk" "Anti-Virus File System Filter Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfeavfk.sys"
+ "mfeavfk01" "" "" "File not found: C:\Windows\System32\Drivers\mfeavfk01.sys"
+ "mfefirek" "McAfee Core Firewall Engine Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfefirek.sys"
+ "mfehidk" "McAfee Link Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfehidk.sys"
+ "mferkdet" "McAfee Code Analysis Driver" "McAfee, Inc." "c:\windows\system32\drivers\mferkdet.sys"
+ "mfewfpk" "Anti-Virus Mini-Firewall Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfewfpk.sys"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys"
+ "NNSALPC" "Application Layer Protocol Colorizer" "Panda Security, S.L." "c:\windows\system32\drivers\nnsalpc.sys"
+ "NNSHTTP" "Http Parser" "Panda Security, S.L." "c:\windows\system32\drivers\nnshttp.sys"
+ "NNSIDS" "Intrusion Detection System" "Panda Security, S.L." "c:\windows\system32\drivers\nnsids.sys"
+ "NNSNAHSL" "Network Activity Hook Server LightWeight Filter Driver" "Panda Security, S.L." "c:\windows\system32\drivers\nnsnahsl.sys"
+ "NNSPICC" "Process Info Colorizer Client" "Panda Security, S.L." "c:\windows\system32\drivers\nnspicc.sys"
+ "NNSPOP3" "Pop3 Parser" "Panda Security, S.L." "c:\windows\system32\drivers\nnspop3.sys"
+ "NNSPROT" "Network Protector" "Panda Security, S.L." "c:\windows\system32\drivers\nnsprot.sys"
+ "NNSPRV" "Network Provider" "Panda Security, S.L." "c:\windows\system32\drivers\nnsprv.sys"
+ "NNSSMTP" "Smtp Parser" "Panda Security, S.L." "c:\windows\system32\drivers\nnssmtp.sys"

#8 narenxp

Posted 12 November 2012 - 10:11 PM

.

Edited by narenxp, 12 November 2012 - 10:57 PM.


#9 Antipodes

Posted 12 November 2012 - 10:49 PM

Rkill 2.4.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 11/12/2012 09:49:15 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 11/12/2012 09:49:27 PM
Execution time: 0 hours(s), 0 minute(s), and 12 seconds(s)

#10 narenxp

Posted 12 November 2012 - 10:57 PM

That looks good

Remove temporary and junk files

Download

TFC

Launch it, it will close all running programs

Click on START, it should ask for a reboot. If TFC locks up the system, run it in safe mode


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP - http://support.microsoft.com/kb/310405

Vista & Windows 7 - http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your system restore - it deletes old infected restore points

Turn on system restore and create a new restore point

Update Java and Flash Player

Uninstall the old version of Java from Control Panel - Add or Remove Programs. Download the latest version from here

http://java.com/en/

Update your Flash player

Antivirus recommendations

Update your antivirus frequently. Two free antivirus programs that I would suggest are

Microsoft Security Essentials or Avast. You can select either one of them.

If you have a paid one, make sure to update it frequently. Do not use multiple security programs.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)

#11 Antipodes

Posted 12 November 2012 - 11:15 PM

You guys are great!

#12 narenxp

Posted 12 November 2012 - 11:19 PM

Thank you for the feedback :)



